SOAC-Net: A Model to Manage Service-Based Business Process Authorization
Business Process (BP) can be supported by a large number of resources with evolving contents. In order to receive the support from these resources, the BP must satisfy the authorization policies of these resources. On the other hand, a BP also has its own authorization policies that users must satisfy in order to interact with the BP. Meanwhile, execution policies need to be applied to manage the sequence of tasks invocations in a BP. Therefore, without proper coordination among these policies, BP may not be able to perform correctly, e.g., imperative support from a specific resource could be missing or unauthorized user access can occur.